IACR News item: 31 July 2015
Victoria Fehr, Marc Fischlin
ePrint Report
We initiate the study of sanitizable signatures over encrypted data. While previous solutions for sanitizable signatures require the sanitizer to know, in clear, the original message-signature pair in order to generate the new signature, we investigate the case where these data should be hidden from the sanitizer and how this can be achieved with encryption. We call this primitive sanitizable signcryption, and argue that there are two options concerning what the sanitizer learns about the sanitized output: in semi-oblivious sanitizable signcryption schemes the sanitizer may get to know the sanitized message-signature pair, while fully oblivious sanitizable signcryption schemes even protect the output data. Depending on
the application, either notion may be preferable.
We continue to show that semi-oblivious sanitizable signcryption schemes can be constructed in principle, using the power of multi-input functional encryption. To this end, we wrap a regular sanitizable signature scheme into a multi-input functional encryption scheme, such that functional decryption corresponds to the sanitization process. Remarkably, the multi-input functional encryption scheme cannot easily be transferred to a fully oblivious sanitizable signcryption version, so we give a restricted solution based on fully homomorphic encryption for this case.
Additional news items may be found on the IACR news page.